package com.shijie99.demo.interceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import com.shijie99.demo.exception.AuthorizationException;
import com.shijie99.demo.util.Constant;

public class SecurityInterceptor implements HandlerInterceptor {
	private static final Logger logger = LoggerFactory.getLogger(SecurityInterceptor.class);

	@Override
	public boolean preHandle(HttpServletRequest request,
			HttpServletResponse response, Object handler) throws Exception {
		logger.info("验证请求:[" + request.getRequestURI() + "]!" );
		HttpSession session  = request.getSession();
		if(session.getAttribute(Constant.SESSION_USER) == null) {
			logger.info("拦截非法请求:[" + request.getRequestURI() + "]!" );
			throw new AuthorizationException();
		} else {
			return true;
		}
	}

	@Override
	public void postHandle(HttpServletRequest request,
			HttpServletResponse response, Object handler,
			ModelAndView modelAndView) throws Exception {
	}

	@Override
	public void afterCompletion(HttpServletRequest request,
			HttpServletResponse response, Object handler, Exception ex)
			throws Exception {
	}

}
